apiVersion: v1
kind: ConfigMap
metadata:
  name: jenkins-casc-config
data:
  jenkins.yaml: |
    jenkins:
      mode: EXCLUSIVE
      numExecutors: 5
      scmCheckoutRetryCount: 2

      clouds:
        - kubernetes:
            name: "kubernetes"
            serverUrl: "https://kubernetes.default"
            skipTlsVerify: true
            namespace: "kubesphere-devops-system"
            credentialsId: "k8s-service-account"
            jenkinsUrl: "http://ks-jenkins.kubesphere-devops-system:80"
            jenkinsTunnel: "ks-jenkins-agent.kubesphere-devops-system:50000"
            containerCapStr: "100"
            connectTimeout: "60"
            readTimeout: "60"
            maxRequestsPerHostStr: "32"
            templates:
              - name: "base"
                namespace: "kubesphere-devops-system"
                label: "base"
                nodeUsageMode: "NORMAL"
                idleMinutes: 0
                containers:
                - name: "base"
                  image: "{{ builder_base_repo }}:{{ builder_base_tag }}"
                  command: "cat"
                  args: ""
                  ttyEnabled: true
                  resourceRequestCpu: "100m"
                  resourceLimitCpu: "4000m"
                  resourceRequestMemory: "100Mi"
                  resourceLimitMemory: "8192Mi"
                - name: "jnlp"
                  image: "{{ jnlp_slave_repo }}:{{ jnlp_slave_tag }}"
                  command: "jenkins-slave"
                  args: "^${computer.jnlpmac} ^${computer.name}"
                  resourceRequestCpu: "50m"
                  resourceRequestMemory: "400Mi"
                  resourceLimitMemory: "1536Mi"
                workspaceVolume:
                  emptyDirWorkspaceVolume:
                    memory: false
                volumes:
                - hostPathVolume:
                    hostPath: "/var/run/docker.sock"
                    mountPath: "/var/run/docker.sock"
                - hostPathVolume:
                    hostPath: "sonar_cache"
                    mountPath: "/root/.sonar/cache"
                yaml: "spec:\r\n  affinity:\r\n    nodeAffinity:\r\n      preferredDuringSchedulingIgnoredDuringExecution:\r\n      - weight: 1\r\n        preference:\r\n          matchExpressions:\r\n          - key: node-role.kubernetes.io/worker\r\n            operator: In\r\n            values:\r\n            - ci\r\n  tolerations:\r\n  - key: \"node.kubernetes.io/ci\"\r\n    operator: \"Exists\"\r\n    effect: \"NoSchedule\"\r\n  - key: \"node.kubernetes.io/ci\"\r\n    operator: \"Exists\"\r\n    effect: \"PreferNoSchedule\"\r\n  containers:\r\n  - name: \"base\"\r\n    resources:\r\n      requests:\r\n        ephemeral-storage: \"1Gi\"\r\n      limits:\r\n        ephemeral-storage: \"10Gi\"\r\n  securityContext:\r\n    fsGroup: 1000\r\n "
              - name: "nodejs"
                namespace: "kubesphere-devops-system"
                label: "nodejs"
                nodeUsageMode: "EXCLUSIVE"
                idleMinutes: 0
                containers:
                - name: "nodejs"
                  image: "{{ builder_nodejs_repo }}:{{ builder_nodejs_tag }}"
                  command: "cat"
                  args: ""
                  ttyEnabled: true
                  resourceRequestCpu: "100m"
                  resourceLimitCpu: "4000m"
                  resourceRequestMemory: "100Mi"
                  resourceLimitMemory: "8192Mi"
                - name: "jnlp"
                  image: "{{ jnlp_slave_repo }}:{{ jnlp_slave_tag }}"
                  command: "jenkins-slave"
                  args: "^${computer.jnlpmac} ^${computer.name}"
                  resourceRequestCpu: "50m"
                  resourceRequestMemory: "400Mi"
                  resourceLimitMemory: "1536Mi"
                workspaceVolume:
                  emptyDirWorkspaceVolume:
                    memory: false
                volumes:
                - hostPathVolume:
                    hostPath: "/var/run/docker.sock"
                    mountPath: "/var/run/docker.sock"
                - hostPathVolume:
                    hostPath: "jenkins_nodejs_yarn_cache"
                    mountPath: "/root/.yarn"
                - hostPathVolume:
                    hostPath: "jenkins_nodejs_npm_cache"
                    mountPath: "/root/.npm"
                - hostPathVolume:
                    hostPath: "sonar_cache"
                    mountPath: "/root/.sonar/cache"
                yaml: "spec:\r\n  affinity:\r\n    nodeAffinity:\r\n      preferredDuringSchedulingIgnoredDuringExecution:\r\n      - weight: 1\r\n        preference:\r\n          matchExpressions:\r\n          - key: node-role.kubernetes.io/worker\r\n            operator: In\r\n            values:\r\n            - ci\r\n  tolerations:\r\n  - key: \"node.kubernetes.io/ci\"\r\n    operator: \"Exists\"\r\n    effect: \"NoSchedule\"\r\n  - key: \"node.kubernetes.io/ci\"\r\n    operator: \"Exists\"\r\n    effect: \"PreferNoSchedule\"\r\n  containers:\r\n  - name: \"nodejs\"\r\n    resources:\r\n      requests:\r\n        ephemeral-storage: \"1Gi\"\r\n      limits:\r\n        ephemeral-storage: \"10Gi\"\r\n  securityContext:\r\n    fsGroup: 1000\r\n "
              - name: "maven"
                namespace: "kubesphere-devops-system"
                label: "maven"
                nodeUsageMode: "EXCLUSIVE"
                idleMinutes: 0
                containers:
                - name: "maven"
                  image: "{{ builder_maven_repo }}:{{ builder_maven_tag }}"
                  command: "cat"
                  args: ""
                  ttyEnabled: true
                  resourceRequestCpu: "100m"
                  resourceLimitCpu: "4000m"
                  resourceRequestMemory: "100Mi"
                  resourceLimitMemory: "8192Mi"
                - name: "jnlp"
                  image: "{{ jnlp_slave_repo }}:{{ jnlp_slave_tag }}"
                  command: "jenkins-slave"
                  args: "^${computer.jnlpmac} ^${computer.name}"
                  resourceRequestCpu: "50m"
                  resourceRequestMemory: "400Mi"
                  resourceLimitMemory: "1536Mi"
                workspaceVolume:
                  emptyDirWorkspaceVolume:
                    memory: false
                volumes:
                - hostPathVolume:
                    hostPath: "/var/run/docker.sock"
                    mountPath: "/var/run/docker.sock"
                - hostPathVolume:
                    hostPath: "jenkins_maven_cache"
                    mountPath: "/root/.m2"
                - hostPathVolume:
                    hostPath: "sonar_cache"
                    mountPath: "/root/.sonar/cache"
                yaml: "spec:\r\n  affinity:\r\n    nodeAffinity:\r\n      preferredDuringSchedulingIgnoredDuringExecution:\r\n      - weight: 1\r\n        preference:\r\n          matchExpressions:\r\n          - key: node-role.kubernetes.io/worker\r\n            operator: In\r\n            values:\r\n            - ci\r\n  tolerations:\r\n  - key: \"node.kubernetes.io/ci\"\r\n    operator: \"Exists\"\r\n    effect: \"NoSchedule\"\r\n  - key: \"node.kubernetes.io/ci\"\r\n    operator: \"Exists\"\r\n    effect: \"PreferNoSchedule\"\r\n  containers:\r\n  - name: \"maven\"\r\n    resources:\r\n      requests:\r\n        ephemeral-storage: \"1Gi\"\r\n      limits:\r\n        ephemeral-storage: \"10Gi\"\r\n    volumeMounts:\r\n    - name: config-volume\r\n      mountPath: /opt/apache-maven-3.5.3/conf/settings.xml\r\n      subPath: settings.xml\r\n  volumes:\r\n    - name: config-volume\r\n      configMap:\r\n        name: ks-devops-agent\r\n        items:\r\n        - key: MavenSetting\r\n          path: settings.xml\r\n  securityContext:\r\n    fsGroup: 1000\r\n "
              - name: "go"
                namespace: "kubesphere-devops-system"
                label: "go"
                nodeUsageMode: "EXCLUSIVE"
                idleMinutes: 0
                containers:
                - name: "go"
                  image: "{{ builder_go_repo }}:{{ builder_go_tag }}"
                  command: "cat"
                  args: ""
                  ttyEnabled: true
                  resourceRequestCpu: "100m"
                  resourceLimitCpu: "4000m"
                  resourceRequestMemory: "100Mi"
                  resourceLimitMemory: "8192Mi"
                - name: "jnlp"
                  image: "{{ jnlp_slave_repo }}:{{ jnlp_slave_tag }}"
                  command: "jenkins-slave"
                  args: "^${computer.jnlpmac} ^${computer.name}"
                  resourceRequestCpu: "50m"
                  resourceRequestMemory: "400Mi"
                  resourceLimitMemory: "1536Mi"
                workspaceVolume:
                  emptyDirWorkspaceVolume:
                    memory: false
                volumes:
                - hostPathVolume:
                    hostPath: "/var/run/docker.sock"
                    mountPath: "/var/run/docker.sock"
                - hostPathVolume:
                    hostPath: "jenkins_go_cache"
                    mountPath: "/home/jenkins/go/pkg"
                - hostPathVolume:
                    hostPath: "sonar_cache"
                    mountPath: "/root/.sonar/cache"
                yaml: "spec:\r\n  affinity:\r\n    nodeAffinity:\r\n      preferredDuringSchedulingIgnoredDuringExecution:\r\n      - weight: 1\r\n        preference:\r\n          matchExpressions:\r\n          - key: node-role.kubernetes.io/worker\r\n            operator: In\r\n            values:\r\n            - ci\r\n  tolerations:\r\n  - key: \"node.kubernetes.io/ci\"\r\n    operator: \"Exists\"\r\n    effect: \"NoSchedule\"\r\n  - key: \"node.kubernetes.io/ci\"\r\n    operator: \"Exists\"\r\n    effect: \"PreferNoSchedule\"\r\n  containers:\r\n  - name: \"go\"\r\n    resources:\r\n      requests:\r\n        ephemeral-storage: \"1Gi\"\r\n      limits:\r\n        ephemeral-storage: \"10Gi\"\r\n  securityContext:\r\n    fsGroup: 1000\r\n "
      securityRealm:
        ldap:
          configurations:
          - displayNameAttributeName: "uid"
            mailAddressAttributeName: "mail"
            inhibitInferRootDN: false
            managerDN: "cn=admin,dc=kubesphere,dc=io"
            managerPasswordSecret: "admin"
            rootDN: "dc=kubesphere,dc=io"
            userSearchBase: "ou=Users"
            userSearch: "(&(objectClass=inetOrgPerson)(|(uid={0})(mail={0})))"
            groupSearchBase: "ou=Groups"
            groupSearchFilter: "(&(objectClass=posixGroup)(cn={0}))"
            server: "ldap://openldap.kubesphere-system.svc:389"
          disableMailAddressResolver: false
          disableRolePrefixing: true

    unclassified:
      location:
        url: "http://{{ JenkinsLocationUrl }}:30180/"
      kubespheretokenauthglobalconfiguration:
        cacheConfiguration:
          size: 20
          ttl: 300
        enabled: true
        server: "http://ks-apigateway.kubesphere-system.svc/"
    jobs:
      - script: >
          pipelineJob('init-job') {
            definition {
              cps {
                script("""\
                  pipeline {
                    agent any
                    stages {
                      stage ('hello') {
                        steps {
                          echo "hello"
                        }
                      }
                    }
                  }""".stripIndent())
              }
            }
          }
